CVE-2016-9349

HIGH

Advantech SUSIAccess Server <3.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2016-9349. PoCs published by James Fitts.

AI-analyzed exploit summary: This Ruby script exploits CVE-2026-9351 in Advantech SUSIAccess by leveraging directory traversal to extract credentials from log files, then uploading a malicious ZIP file to achieve arbitrary file write and potential remote code execution.

Description

An issue was discovered in Advantech SUSIAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.

Exploits (2)

exploitdb WORKING POC
by James Fitts · ruby · webapps · jsp
https://www.exploit-db.com/exploits/42402

This Ruby script exploits CVE-2026-9351 in Advantech SUSIAccess by leveraging directory traversal to extract credentials from log files, then uploading a malicious ZIP file to achieve arbitrary file write and potential remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Advantech SUSIAccess <= 3.0
Auth required
Prerequisites: Network access to the target · Presence of log files with credentials
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by James Fitts · ruby · webapps · jsp
https://www.exploit-db.com/exploits/42401

This Metasploit module exploits a directory traversal vulnerability in Advantech SUSIAccess Server by sending a crafted GET request with '../' sequences to download arbitrary files. The vulnerability is due to improper path sanitization in the 'downloadCSV.jsp' endpoint.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Advantech SUSIAccess Server <= 3.0
No auth needed
Prerequisites: Network access to the target server · Target server running Advantech SUSIAccess Server <= 3.0
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94629
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42401/
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42402/

Scores

CVSS v3 7.5
EPSS 0.0788
EPSS Percentile 93.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-200
Status published
Products (2)
advantech/susiaccess < 3.0
n/a/Advantech SUSIAccess Server 3.0 and prior
Published Feb 13, 2017
Tracked Since Feb 18, 2026